Supply Chain Intelligence is an improved method for continuously discovering, monitoring, assessing and mitigating risk introduced to your organization through 3rd party technologies, vendors, and suppliers.

In this blog and video a Cyberint cybersecurity expert explains how the ‘dark web’ operates and shows real live examples of actors and their criminal activity. Learn how to access the dark web and what are some of the most common behaviors that companies should be watching out for.

In 2022 & 2023 Western government agencies have managed to take down multiple prominent dark web forums such as RaidForums in April 2022, BreachedForums in March 2023, and Genesis Marketplace in April 2023. This might make threat actors in the West feel less confident in initiating activities on such monitored platforms and could shift their focus to Chinese-speaking forums.

It’s time to broaden our conception of the external attack surface to include all common attack vectors. Traditionally, the external attack surface is thought of as all of an organization’s external IT assets: domains, addresses, web servers, SSL certificates, externally-visible software, and so on.

Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.

Cyber attacks can have a significant impact on point-of-sale (POS) services, which are used in retail environments to process transactions and collect payments from customers. POS systems typically involve the use of software, hardware, and network components, which can be vulnerable to a variety of cyber threats. A successful campaign targeting POS systems can result in credit card theft, transaction tampering, service disruption, brand damage and other severe organizational damage.

Since the beginning of the year, we have witnessed the success of numerous operations by law authorities worldwide in the war against cybercrime. Totaling 120 arrests from Hive shutdown, Pompompurin’s arrest, BreachForums Shutdown, and now Genesis market, it seems that law authorities are managing to hunt some high-profile threat actors worldwide. These arrests are only possible due to corporation between several government agencies worldwide.

The first quarter of 2023 was the best quarter we’ve seen for the ransomware industry in a long time, even exceeding Q1 2022. With 831 victims, Q1 2023’s victim count was much higher than the first quarter of 2022, with just 763 victims. Unsurprisingly, LockBit3.0 remained the number one group claiming an average of around 23 victims per week and almost 33% of all ransomware cases this quarter.

A supply chain attack that targets customers of the 3CX Voice Over Internet Protocol (VoIP) desktop client has been discovered. Threat actors have created a digitally signed and malicious version of the software, which is being used to target both Windows and macOS users of the app. The threat actors are deploying second-stage payloads and are believed to be linked to a North Korean state-backed hacking group, , although this attribution has not been confirmed.

Clop, aka Cl0p, is a ransomware group that emerged in February 2019 and targeted almost any sector in the world, including retail, transportation, education, manufacturing, automotive, energy, financial, telecommunications and even healthcare. The clop ransomware group is linked as a successor of the CryptoMix ransomware group. The Cyberint Research Team identified an anomaly in Clop’s activity in the past two weeks.